What is claimed is: 



1 1. A method for updating a protected partition witliln a liard drive of a 

2 computing system, wherein said method comprises: 

3 starting execution of an initialization program in a processor within said 

4 computing system in response to turning on electrical power within said 

5 computing system; 

6 determining whether an update partition file is stored in non-volatile 

7 storage within said computing system for subsequently updating said protected 

8 partition; 

9 after determining that said update partition is stored within said computing 
5 10 system for updating said protected partition, writing a portion of said update 

1 1 partition file to said protected partition; and 

12 locking said protected partition to prevent further modification of 

13 information stored within said protected partition. 

1 2. The method of claim 1 , wherein 

2 a flag bit is set in non-volatile storage within said computing system when 

3 said update partition file is stored in non-volatile storage within said computing 

4 system, and 

5 determining whether said update partition is stored within said computing 

6 system for updating said protected partition is performed by determining whether 

7 said flag bit is set. 

1 3. The method of claim 1 , wherein 

2 said method additionally comprises, after determining that said update 

3 partition file is stored within said computing system for updating said protected 
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4 partition, verifying whether said update partition file has been generated by a 

5 trusted server system, and 

6 said portion of said update partition is written to said protected partition 

7 only following verification that said update partition file has been generated by a 

8 trusted server system. 

1 4. The method of claim 3, wherein verification that said update partition file 

2 has been generated by said trusted server system includes: 

3 forming a first message digest by applying a hash algorithm to a portion of 

4 said update partition file; 

5 forming a second message digest by decrypting a digital signature within 

6 said update partition file using a public key of said trusted server system; and; 

7 determining that said first and second message digests are identical. 

1 5. The method of claim 3, wherein 

2 a setup password is stored in non-volatile storage within said computing 

3 system, 

4 verifying that said update partition file has been generated by said trusted 

5 server system includes signing an encrypted portion of said update partition file 

6 with a public key of said trusted server system, and 

7 said encrypted portion of said update partition file has been prepared by 

8 signing, with a private key of said trusted server system, a result of the 

9 application of an algorithm to data including a version of said setup password 
10 accessed by said trusted server system. 
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1 6. The method of claim 5, wherein 

2 said data includes said version of said setup password appended to a 

3 portion of said update partition file, 

4 said algorithm is a hash algorithm generating a message digest, and 

5 verifying that said update partition file has been generated by said trusted 

6 server system includes applying said hash algorithm to said setup password 

7 stored within said computing system appended to a portion of said update 

8 partition file to generate a first version of a message digest and comparing said 

9 first version of said message digest with a second version of said message 
10 digest obtained by signing said encrypted portion of said update partition file. 

1 7. The method of claim 1 , wherein 

2 said update partition file includes a plurality of entries and a plurality of 

3 encrypted elements, 

4 each encrypted element within said plurality of encrypted elements is 

5 associated with an entry in said plurality of entries. 

6 said method additionally comprises, following determining that said 

7 update partition file is stored within said computing system for updating said 

8 protected partition, verifying whether each entry in said plurality of entries within 

9 said update partition file has been generated by a trusted server system, and 

10 each entry in said plurality of entries within said update partition is written 

11 to said protected partition only following verification that said entry has been 

12 generated by a trusted server system. 

1 8. The method of claim 7, wherein verifying that said entry has been 

2 generated by said trusted server system includes: 

3 forming a first message digest by applying a hash algorithm to said entry; 
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4 forming a second message digest by signing said encrypted element 

5 associated with said entry using a public l<ey of said trusted server system; and; 

6 determining that said first and second message digests are identical. 

1 9. The method of claim 7, wherein 

2 a setup password is stored in non-volatile storage within said computing 

3 system, 

4 verifying that said entry has been generated by said trusted server system 

5 includes signing said encrypted element associated with said entry with a public 

6 key of said trusted server system, and 

7 said encrypted element of said update partition file has been prepared by 

8 signing, with said private key of said trusted server system, a result of the 

9 application of an algorithm to data including a version of said setup password 
10 accessed by said trusted server system. 

1 10. The method of claim 9, wherein 

2 said data includes said version of said setup password appended to a 

3 said entry, 

4 said algorithm is a hash algorithm generating a message digest, and 

5 verifying that said entry has been generated by said trusted server system 

6 includes applying said hash algorithm to said setup password stored within said 

7 computing system appended said entry to generate a first version of a message 

8 digest and comparing said first version of said message digest with a second 

9 version of said message digest obtained by signing said encrypted element. 



RPS9-2001-0011-US1 

Page 28 of 39 



1 11. The method of claim 7, wherein 

2 information stored in said protected partition is compared to each entry in 

3 said plurality of entries within said update partition, 

4 when a matching portion of said information stored in said protected 

5 partition is found to be similar to said entry, said matching portion is overwritten 

6 with said entry if space around said matching portion is sufficient, and 

7 when a matching portion of said information stored in said protected 

8 partition is not found to be similar to said entry, said entry is appended to said 

9 information stored in said protected partition if space within said protected 
10 partition is sufficient. 

g 1 12. The method of claim 1 , wherein 

C 2 said method additionally comprises receiving an input signal from a 

n 3 keyboard of said computing system and comparing said input signal with a signal 

;i 4 corresponding to a setup password stored in non-volatile storage within said 

5 computing system, and 

p 6 said protected partition is left unlocked if said input signal matches said 

I 7 signal corresponding to said setup password. 

1 13. A method for updating a protected partition within a hard drive of a client 

2 computing system, wherein said method comprises: 

3 generating an update partition file within a server; 

4 transferring said update partition file from said server to said client 

5 computing system; 

6 storing said update partition file in non-volatile storage within said client 

7 computing system; 
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starting execution of an initialization program In a processor within said 
client computing system in response to turning on electrical power within said 
client computing system; 

determining that said update partition file is stored In non-volatile storage 
within said client computing system; 

writing a portion of said update partition file to said protected partition; and 

locking said protected partition to prevent further modification of 
information stored within said protected partition. 

14. The method of claim 13, wherein said update partition file Is transferred 
from said server to said client computing system by means of electrical signals 
transmitted through a public switched telephone network. 

15. The method of claim 13, wherein said update partition file is transferred 
from said server to said client computing system by means of electrical signals 
transmitted over a local area network. 

16. The method of claim 13, wherein transfen-lng said update partition file 
from said server to said client computing system includes: 

writing said update partition file to a removable computer readable 
medium from said server; 

transporting said removable computer readable medium from said sever 
to said client computing system; and 

reading said update partition file from said removable computer readable 
medium Into said client computing system. 



RPS9-2001-0011-US1 

Page 30 of 39 



1 7. The method of claim 13, wherein 

a flag bit is set in non-volatile storage within said client computing system 
when said update partition file is stored in non-volatile storage within said client 
computing system, and 

determining that said update partition file is stored in non-volatile storage 
within said client computing system includes determining that said flag bit is set. 

1 8. The method of claim 13, wherein 

said method additionally comprises, following a determination that said 
update partition file is stored within said client computing system for updating 
said protected partition, verifying within said client computer system that said 
update partition file has been generated by said server, and 

said portion of said update partition is written to said protected partition 
only following verification that said update partition file has been generated by 
said server. 

19. The method of claim 18, wherein: 

generating said update partition file within said server includes fomning a 
first message digest by applying a hash algorithm to a portion of said update 
partition file, signing said first message digest with a private key of said server to 
forni a digital signature, and appending said digital signature to data within said 
update partition file; and 

verifying within said client computing system that said update partition file 
has been generated by said server includes forming a second message digest 
by applying a hash algorithm to a portion of said update partition file, forming a 
third message digest by signing said digital signature within said update partition 
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1 1 file using a public key of said server, and determining that said secxjnd and third 

12 message digests are identical. 

1 20. The method of claim 18, wherein: 

2 a setup password is stored in non-volatile storage within said client 

3 computing system; 

4 a copy of said setup password is stored in a database accessible to said 

5 server; 

6 generating said update partition file within said server includes forming an 

7 encrypted portion of said update partition file by signing a result of the 

8 application of an algorithm to data including said copy of said setup password; 
3 9 and 

I 10 verifying within said client computing system that said update partition file 
P 11 has been generated by said server includes signing said encrypted portion of 

II 12 said update partition file with a public key of said server. 

1 21 . The method of claim 20, wherein 

i 2 said data includes said version of said setup password appended to a 

I 3 portion of said update partition file, 

3 4 said algorithm is a hash algorithm generating a message digest, and 

5 verifying within said client computing system that said update partition file 

6 has been generated by said trusted server includes applying said hash algorithm 

7 to said setup password stored within said client computing system appended to a 

8 portion of said update partition file to generate a first version of a message digest 

9 and comparing said first version of said message digest with a second version of 

10 said message digest obtained by signing said encrypted portion of said update 

1 1 partition file with said public key of said server. 
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1 22. The method of claim 13, wherein 

2 said update partition file includes a plurality of entries and a plurality of 

3 encrypted elements, 

4 each encrypted element within said plurality of encrypted elements is 

5 associated with an entry in said plurality of entries. 

6 said method additionally comprises, following a determination that said 

7 update partition file is stored within said client computing system for updating 

8 said protected partition, verifying within said client computing system whether 

9 each entry in said plurality of entries within said update partition file has been 

10 generated by a server, and 

1 1 each entry in said plurality of entries within said update partition is written 

12 to said protected partition only following verification that said entry has been 

13 generated by said server. 

1 23. The method of claim 22, wherein 

2 each said encrypted element is formed in said server by applying a hash 

3 algorithm to said entry, forming a first message digest, and by signing said first 

4 message digest with a private key of said server; and 

5 verification that said entry has been generated by said server includes 

6 forming a second message digest by applying a hash algorithm to said entry, 

7 forming a third message digest by signing said encrypted element associated 

8 with said entry using a public key of said server, and detemnining that said 

9 second and third message digests are identical. 
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1 24. The method of claim 22, wherein 

2 a setup password is stored in non-volatile storage within said client 

3 computing system; 

4 a copy of said setup password is stored in a database accessed by said 

5 server; 

6 said encrypted element of said update partition file is prepared in said 

7 server by signing, with a private key of said server, a result of the application of 

8 an algorithm to data including said copy of said setup password; and 

9 verification within said client computing system that said entry has been 

10 generated by said server includes signing said encrypted element associated 

1 1 with said entry with said public key of said server, 

1 25. The method of claim 24, wherein 

2 said data includes said version of said setup password appended to a 

3 said entry, 

4 said algorithm is a hash algorithm generating a message digest, and 

5 said verification that said entry has been generated by said server 

6 includes applying said hash algorithm to said setup password stored within said 

7 client computing system appended to said entry to generate a first version of a 

8 message digest and comparing said first version of said message digest with a 

9 second version of said message digest obtained by signing said encrypted 

10 element. 
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1 26. A computer system comprising: 

2 a processor executing an initialization program in response to power 

3 being turned on in said computer program; 

4 a hard drive having a protected partition bloclced during execution of an 

5 initialization program to prevent changing information stored within said 

6 protected partition; 

7 non-volatile storage storing an update partition data structure for 

8 modifying contents of said protected partition and said initialization program, 

9 wherein said initialization program executing within said processor determines 

10 that said update partition data structure Is stored in said non-volatile storage, 

1 1 writes a portion of said update partition data structure to said protected partition, 

12 and locks said protected partition to prevent further modification of information 

13 stored within said protected partition. 

1 27. The computer system of claim 26, wherein 

2 a flag bit is set in non-volatile storage within said computing system when 

3 said update partition data structure is stored in non-volatile storage within said 

4 computing system, and 

5 said initialization program determines said update partition is stored within 

6 said computing system for updating said protected partition is performed by 

7 determining that said flag bit is set. 
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1 28. The computer system of claim 26, wherein 

2 after determining that said update partition data structure is stored within 

3 said computing system for updating said protected partition, said initialization 

4 program verifies whether said update partition data structure has been 

5 generated by a trusted server system, and 

6 said portion of said update partition is written to said protected partition only 

7 following verification that said update partition data structure has been generated 

8 by a trusted server system. 

1 29. The computer system of claim 28, wherein 

2 said update partition data structure includes a plurality of entries and a 

3 plurality of encrypted elements, 

4 each encrypted element within said plurality of encrypted elements is 

5 associated with an entry in said plurality of entries, and 

6 said initialization program uses each said encrypted element to determine 

7 that an entry associated with said encrypted element has been generated by 

8 said trusted server system. 

1 30. The computer system of claim 29, wherein 

2 said non-volatile storage additionally stores a setup password, and 

3 each said encrypted element includes a digital signature signed by said 

4 trusted server system, wherein said digital signature is formed by applying a 

5 hash algorithm to an entry associated with said encrypted element to form a 

6 message digest and by signing said message digest with a private key of said 

7 trusted server system. 
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1 31. A computer-readable medium, having stored thereon a data structure 

2 comprising a plurality of entries and a plurality of encrypted elements, wherein 

3 each encrypted element within said plurality of encrypted elements is 

4 associated with an entry in said plurality of entries, and 

5 each said encrypted element includes a digital signature signed by a 

6 trusted server system, wherein said digital signature is formed by applying a 

7 hash algorithm to an entry associated with said encrypted element, appended 

8 with a setup password of said computer system to form a message digest and by 

9 signing said message digest with a private key of said trusted server system. 

1 32. A system for updating a protected partition within a hard drive of a remote 

2 computing system, wherein said system comprises: 

3 a server including a database storing a setup password of said remote 

4 computer system and a public key of said remote computer system, and storage 

5 having stored thereon a data structure comprising a plurality of entries and a 

6 plurality of encrypted elements, wherein each encrypted element within said 

7 plurality of encrypted elements is associated with an entry in said plurality of 

8 entries, and each said encrypted element includes a digital signature signed by 

9 said server, wherein said digital signature is formed by applying a hash algorithm 

10 to an entry associated with said encrypted element to form a message digest 

1 1 and by signing said message digest with a private key of said server; 

12 means for transferring said data structure from said server to said remote 

13 computing system; 

14 a processor within said remote computer system; 

15 non-volatile storage within said remote computer system storing an 

16 initialization program for execution within said processor in response to power 

17 being turned on within said remote computer system, wherein said initialization 
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program executing within said processor determines tiiat said update partition 
data structure is stored in said non-volatile storage, determines that each entry 
has been generated by said server, writes a portion of said entries to said 
protected partition, and locks said protected partition to prevent further 
modification of information stored within said protected partition. 
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